If you receive an e-mail that claims to contain software from Microsoft, do not run the attachment. The safest course of action is to delete the mail altogether. If you would like to take additional action, report the e-mail to the sender's Internet Service Provider. Most ISPs provide an "abuse" email id for this purpose.
Installing the update means you are installing the Virus yourself (Swen / Gibe Virus)
The e-mail attachment may look alike or similar to this one below:
Microsoft _NEVER_ distributes software via email. The mail which you received is not from Microsoft, though the return address says so. The only trusted source for downloading updates for the Operating System is from Windows Updates page
Microsoft Policies on Software Distribution
How to Tell If a Microsoft Security-Related Message Is Genuine
BBC NEWS | Technology | Virus mimics Microsoft e-mail
Virus Masquerades as Microsoft E-Mail
Symantec Security Response - W32.Swen.A@mm
Symantec Security Response - W32.Gibe.B@mm
Symantec Security Response - Trojan.Xombe: Mimics Microsoft e-mail
You receive an error message when you try to start a program that has an .exe file name extension